PostgreSQL Denial of Service Vulnerability Found and Patched

PostgreSQL is a fully featured object-relational database management system. It supports a large part of the SQL standard and is designed to be extensible by users in many aspects. Graphical user interfaces and bindings for many programming languages are available as well.

Earlier this month, I discovered a denial of service vulnerability in several versions of PostgreSQL: the server crashed if a particular function was called with invalid arguments from a SQL query. In theory, the crash could also be used to examine the contents of the server’s memory. Currently, no threats in the wild are exploiting this vulnerability.

The following versions of PostgreSQL are vulnerable:

8.3.x before 8.3.23

8.4.x before 8.4.16

9.0.x before 9.0.12

9.1.x before 9.1.8

9.2.x before 9.2.3

The function in question is enum_recv, which is incorrectly declared in backend/utils/adt/enum.c: it should accept an input of type “internal” rather than “cstring”. The current fix bars calling the function from SQL; the declaration itself will be corrected by PostgreSQL in a future release.
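To make the declaration mismatch concrete, here is an added C model (not PostgreSQL's source; the struct, OID and function names are simplified stand-ins) of a receive function whose catalog declaration says cstring while its body expects an internal StringInfo, alongside the guard that rejects such calls before anything is dereferenced:

```c
/* Added example: a self-contained model of the enum_recv() mismatch above.
 * Not PostgreSQL's code; types, OIDs and names are simplified stand-ins. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { char *data; int len; int cursor; } StringInfoData, *StringInfo;
typedef uintptr_t Datum;
enum { CSTRINGOID = 2275, INTERNALOID = 2281 };   /* pg_type OIDs of cstring/internal */
/* What the executor knows at call time: the argument and its catalog-declared type. */
typedef struct { Datum arg0; int declared_argtype0; } FunctionCallInfoData;

/* Vulnerable shape: the body assumes an 'internal' StringInfo, but the catalog
 * says 'cstring', so a SQL caller can pass a plain C string that is then
 * reinterpreted as a StringInfoData (type confusion: crash or stray memory read).
 * Copies the remaining wire bytes into label; returns 0, or -1 if they do not fit. */
static int enum_recv_unchecked(FunctionCallInfoData *fcinfo, char *label, size_t cap)
{
    StringInfo buf = (StringInfo) fcinfo->arg0;      /* declared type never checked */
    int remaining = buf->len - buf->cursor;
    if (remaining < 0 || (size_t) remaining >= cap)
        return -1;
    memcpy(label, buf->data + buf->cursor, (size_t) remaining);
    label[remaining] = '\0';
    buf->cursor = buf->len;
    return 0;
}

/* Hardened shape: refuse the call unless the executor really passed an
 * 'internal' argument, which SQL-level callers cannot construct. */
static int enum_recv_checked(FunctionCallInfoData *fcinfo, char *label, size_t cap)
{
    if (fcinfo->declared_argtype0 != INTERNALOID) {
        fputs("ERROR: cannot accept a value of type cstring\n", stderr);
        return -1;
    }
    return enum_recv_unchecked(fcinfo, label, cap);   /* safe: a StringInfo was passed */
}

/* Legitimate path: the binary input machinery hands over a real StringInfo. */
static int recv_label_from_wire(const char *wire, char *label, size_t cap)
{
    StringInfoData buf = { (char *) wire, (int) strlen(wire), 0 };
    FunctionCallInfoData fcinfo = { (Datum) &buf, INTERNALOID };
    return enum_recv_checked(&fcinfo, label, cap);
}
/* Misdeclared path: a SQL-level cstring argument; the guard stops it up front. */
static int recv_label_from_sql(const char *cstring_arg, char *label, size_t cap)
{
    FunctionCallInfoData fcinfo = { (Datum) cstring_arg, CSTRINGOID };
    return enum_recv_checked(&fcinfo, label, cap);
}
```

The same check, applied inside the real function, is what turns a server crash into an ordinary SQL error for the misdeclared call.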

PostgreSQL has released updates to patch this vulnerability. We strongly urge administrators to update their servers to the appropriate version as soon as possible. The patched versions are:

8.3.23

8.4.16

9.0.12

9.1.8

9.2.3

In addition, the following Deep Security rule can be used to protect against this threat:

1005393 – PostgreSQL “enum_recv()” Denial Of Service Vulnerability
